System for tracking domain name related reputation

ABSTRACT

Systems and methods of the present invention allow for tracking of domain name related reputation by a domain name Registering Entity (e.g. Registry, Registrar, etc.). In a preferred embodiment, the Registering Entity maintains a database with reputation data that can be accessed by the requesters. The Registering Entity may update reputation data based on a variety of events related to the domain name. The reputation data may be tracked on the domain name itself, URLs, domain name purchaser or registrant, or email addresses associated with the domain name. The reputation data may include various categories, such as email practices, website content, privacy policies and practices, fraudulent activities, domain name related complaints, overall reputation, etc. The registrant may opt for a reputation service while registering domain name. The requester may decide whether to allow email messages or to visit URLs based on the domain name related reputation.

CROSS REFERENCE TO RELATED PATENT APPLICATIONS

The present application is a divisional of U.S. patent application Ser.No. 10/977,373, titled “Tracking Domain Name Related Reputation,” filedOct. 29, 2004.

This patent application is also related to the following patentapplications, all assigned to The Go Daddy Group, Inc:

U.S. patent application Ser. No. 10/976,834, titled “Publishing DomainName Related Reputation in WHOIS Records,” filed Oct. 29, 2004.

U.S. patent application Ser. No. 10/976,547, titled “Presenting SearchEngine Results Based on Domain Name Related Reputation,” filed Oct. 29,2004.

U.S. patent application Ser. No. 12/409,495, titled “System for TrackingDomain Name Related Reputation,” filed Mar. 23, 2009, which is adivisional of U.S. patent application Ser. No. 10/977,373.

U.S. patent application Ser. No. 12/409,492, titled “Method forAccessing Domain Name Related Reputation,” filed Mar. 23, 2009, which isa divisional of U.S. patent application Ser. No. 10/977,373.

FIELD OF THE INVENTION

The present invention relates to systems and methods for tracking domainname related reputations, such as reputations of domain names,reputations of domain name registrants, and reputations of emailaddresses.

BACKGROUND OF THE INVENTION

The Internet is a worldwide network of computers and computer networksarranged to allow the easy and robust exchange of information betweenusers of computers. Hundreds of millions of people around the world haveaccess to computers connected to the Internet via Internet ServiceProviders (ISPs). Content providers place multimedia information, i.e.text, graphics, sounds, and other forms of data, at specific locationson the Internet referred to as websites. The combination of all thewebsites and their corresponding webpages on the Internet is generallyknown as the World Wide Web (WWW) or simply web.

Websites may be created using HyperText Markup Language (HTML) togenerate a standard set of tags that define how the webpages for thewebsite are to be displayed. Users of the Internet may access contentproviders' websites using software known as an Internet browser, such asMICROSOFT INTERNET EXPLORER or NETSCAPE NAVIGATOR. After the browser haslocated the desired webpage, it requests and receives information fromthe webpage, typically in the form of an HTML document, and thendisplays the webpage content for the user. The user may then view otherwebpages at the same website or move to an entirely different websiteusing the browser.

Websites allow businesses and individuals to share their informationwith a large number of Internet users. Further, many products andservices are offered for sale on the Internet, thus elevating theInternet to an essential tool of commerce.

Electronic mail or email is another important part of the Internet.Email messages may contain, for example, text, images, links, andattachments. Email is one of the most widely used methods ofcommunication over the Internet due to the variety of data that may betransmitted, large number of available recipients, speed, low cost andconvenience.

Email messages may be sent, for example, between friends, family membersor between coworkers thereby substituting for traditional letters andoffice correspondences in many cases. This is made possible because theInternet has very few restrictions on who may send emails, the number ofemails that may be transmitted and who may receive the emails. The onlyreal hurdle for sending emails is the requirement that the sender mustknow the email address (also called network mailbox) of the intendedrecipient.

Email messages travel across the Internet, typically passing from serverto server, at amazing speeds achievable only by electronic data. TheInternet provides the ability to send an email anywhere in the world,often in less than a few seconds. Delivery times are continually beingreduced as the Internet's ability to transfer electronic data improves.

Most internet users find emails to be much more convenient thantraditional mail. Traditional mail requires stamps and envelopes to bepurchased and a supply maintained, while emails do not require the costsand burden of maintaining a supply of associated products. Emails mayalso be sent with the click of a few buttons, while letters typicallyneed to be transported to a physical location, such as a mail box,before being sent.

Once a computer and an Internet connection have been purchased, thereare typically few additional costs associated with sending emails. Thisremains true even if millions, or more, of emails are sent by the sameuser. Emails thus have the extraordinary power of allowing a single userto send one or more messages to a very large number of people at anextremely low cost.

The Internet has become a very valuable tool for business and personalcommunications, information sharing, commerce, etc. However, someindividuals have abused the Internet. Among such abuses are phishing,spam, and posting of illegal content on a website (e.g. childpornography). Phishing is the luring of sensitive information, such aspasswords, credit card numbers, bank accounts and other personalinformation, from an Internet user by masquerading as someonetrustworthy with a legitimate need for such information. Spam orunsolicited email is flooding the Internet with many copies of theidentical or nearly identical message, in an attempt to force themessage on people who would not otherwise choose to receive it. Mostspam is commercial advertising, often for dubious products,get-rich-quick schemes, or quasi-legal services.

A single spam message received by a user uses only a small amount of theuser's email account's allotted disk space, requires relatively littletime to delete and does little to obscure the messages desired by theuser. Even a small number of spam messages, while still annoying, wouldnonetheless cause relatively few real problems. However, the number ofspam transmitted over the Internet is growing at an alarming rate. Whilea single or small number of spam messages are annoying, a large numberof spam can fill a user's email account's allotted disk space therebypreventing the receipt of desired emails. Also, a large number of spamcan take a significant amount of time to delete and can even obscure thepresence of desired emails in the user's email account.

Spam currently comprises such a large portion of Internet communicationsthat they actually cause data transmission problems for the Internet asa whole. Spam creates data log jams thereby slowing the delivery of moredesired data through the Internet. The larger volume of data created byspam also requires the Internet providers to buy larger and morepowerful, i.e. more expensive, equipment to handle the additional dataflow caused by the spam.

Spam has a very poor response rate compared to other forms ofadvertisement. However, since almost all of the costs/problems fortransmitting and receiving spam are absorbed by the recipient of thespam and the providers of the hardware for the Internet, spam isnevertheless commercially viable for a spammer due to the extremely lowcost of transmitting the spam.

There are various techniques used for combating Internet abuses. Amongthem: an SSL (Secure Socket Layer) protocol in conjunction with aCertification Authority that authenticates the owners of the domainname, spam filtering, email challenge-response systems, maintainingwhite and/or black lists for email addresses, domain names, and IP(Internet Protocol) numbers, etc.

Below are a few examples of the systems (some reputation-based) thatcombat spam.

The SENDERBASE system keeps track of the amount of email messagesoriginating from various domain names and IP addresses. IRONPORT SYSTEMSINC., a company that maintains SENDERBASE.ORG, explains how it works inthis example: “If a sender has high global volumes of mail—say 200Million messages per day—from a network of 5 different domains and 1,700IP addresses that have only been sending mail for 15 days yet have ahigh end user complaint rate and they don't accept incoming mail, theywill have a very low reputation score [ . . . ]. If a sender is aFortune 500 company, they will likely have much more modest global emailvolumes—say 500,000 messages per day—will have a smaller number of IPsand domains with a long sending history, they will accept incoming emailand have low (or zero) end user complaint rates.”

The Bonded Sender Program maintains a white list-like service. Theparticipants of the service must adhere to the rules and post a bond tobe included on the white list.

SPAMCOP maintains a black list of IP addresses and allows users toreport spam to a centralized database.

Multiple solutions are created for establishing “societies” of trustedusers. Some solutions keep track of user reputation or trust level.

CLOUDMARK, Inc. provides spam filtering and allows users to block orunblock messages manually. The users' votes on messages (blocking andunblocking) are reported to a centralized database, allowing for betterspam filtering by reducing the number of false positives. Each CLOUDMARKuser is assigned with a reputation (trust rating). If a malicious userunblocks a spam message, while a large number of other users block it,the malicious user's reputation will go down. If a user votes along thelines with the rest of the users, her/his reputation raises.

VERISIGN, Inc. maintains the list of domain names that were issued aVERISIGN SSL digital certificate, so called “Verified Domains List.” Thecompany plans to make the list accessible to third parties.

Some systems suggest publishing reputation data in the DNS (Domain NameSystem) records.

For the reputation-based systems to work properly, the sender's emailaddress or at least its domain name part should be correct. Oftenmalicious users forge (spoof) the sender's email address when they sendout spam, viruses, or phishing email messages. Among the solutions tothis problem are MICROSOFT's Sender ID and YAHOO's Domain Keys. TheSender ID proposal envisions publishing the sender's email IP address inthe DNS records of the sender's server. This allows the receiver of theemail message to compare the originating IP address in the email withthe IP address published in the DNS. If they don't match, the emailaddress was forged. The Domain Keys proposal utilizes public-private keyinfrastructure. The sender publishes its public key in the DNS recordsand digitally signs outgoing email messages with its private key. Thereceiver can validate the sender's signature using the sender's publickey published in the DNS records.

Even though multiple reputation-based systems are being used, the amountof spam and other Internet abuses is steadily rising. Existing systemsare numerous but often are not connected and none of them utilize theunique role of a domain name Registry or a domain name Registrar on theInternet. Internet users do not know which system to use and oftencannot even find them. Many systems require participation (membership)in a trusted society, thus alienating users who are not part of thesociety. Some of the systems also do not provide dynamic updates of thereputation over time.

Therefore, new systems and methods are needed to overcome thelimitations of the current systems and methods. It is desired to createsystems and methods that provide more efficient solutions for combatingInternet abuses through reputation tracking.

SUMMARY OF THE INVENTION

The limitations cited above and others are substantially overcomethrough the systems and methods disclosed herein. The systems andmethods of the present invention allow for more efficient tracking ofdomain name related reputation and as a result in combating variousInternet abuses.

Certain embodiments of the present invention take advantage of theunique role of a domain name Registry or a domain name Registrar(hereinafter, Registering Entity) in the Internet. Typically, aRegistering Entity has access to the information that other parties donot. This includes, client contact information, billing records,complaints against clients, etc. If the Registering Entity is also a PKI(public key infrastructure) certification authority, it has access to aneven wider range of information obtained through a verification processof its clients.

The preferred embodiment of the present invention calls for establishingand maintaining a reputation database by a Registering Entity for itsclients. Reputation data may be tracked with relation to the domain nameitself, URLs (Uniform Resource Locators) associated with the domainname, domain name purchaser or registrant, or email addresses associatedwith the domain name. The reputation data may include ratings forvarious categories, such as email practices, website content, privacypolicies and practices, fraudulent activities, domain name relatedcomplaints, overall reputation, etc. The Registering Entity may updatereputation data based on a variety of events related to the domain name.

One of the embodiments of the present invention allows a registrant tovet for the reputation service, while the registrant is registering orrenewing a domain name (point of sale). If the registrant decides to optfor the reputation service, the Registering Entity may verify theregistrant and set reputation to initial value. Verification may includevalidating information appearing in the WHOIS records or in privateregistration records.

When a recipient receives an email message from a sender, the recipientcan determine a domain name from which the message originated. Then,through Registry's WHOIS records, the recipient may determine theRegistrar of the domain name. Finally, the recipient will access areputation data, maintained by the Registrar. The reputation data may befor the domain name itself, domain name registrant, sender's emailaddress, etc. Access to the domain name related reputation data willhelp to determine if the recipient should allow (accept) the emailmessage from the sender.

Similarly, if an Internet user intends to visit a webpage located at aURL, the Internet user may first check reputation data for the domainname associated with the URL. Each URL may have its own reputationrating as well.

Access to the reputation data and other tasks may be accomplishedautomatically by computer programs. Such programs may be running inconjunction with client or server email software, Internet browsers, orISP (Internet Service Provider) software.

Additionally, the Registering Entity or another party may publish domainname related reputation data in the WHOIS records. Reputation ratings orvalues may be published in the WHOIS records of the domain name.Alternatively, links or references to a location of the reputationratings or values may be published in the WHOIS; such links orreferences may include a URL link, a DNS address, an IP address, acomputer port or any combination thereof. One embodiment of the methodfor publishing the domain name related reputation data in the WHOISrecords includes the following steps, the Registering Entity collectsdomain name related information and forms domain name related reputationdata. Then, the Registering Entity stores the domain name relatedreputation data in the WHOIS records.

Domain name related reputation may be used as one of the parameters forpresenting search engine results. The links to the domain names or URLswith a low reputation may be moved closer to the end of the searchengine results list or removed from the list altogether. One embodimentof the method for presenting search engine results based on the domainname related reputation includes an Inquirer posting a search query to asearch engine. The search engine forms search engine results based, atleast in part, on the domain name related reputation and returns theresults to the Inquirer.

The systems and methods of the present invention will help Internetusers to combat various forms of Internet abuse.

The above features and advantages of the present invention will bebetter understood from the following detailed description taken inconjunction with the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating a preferred embodiment of thesystem of the present invention.

FIG. 2 is a flowchart illustrating a method of the present invention fortracking domain name related reputation.

FIG. 3 is a flowchart illustrating a method of the present invention foraccessing domain name related reputation after receiving an emailmessage.

FIG. 4 is a flowchart illustrating a method of the present invention foraccessing domain name related reputation before visiting a URL.

FIG. 5 is a flowchart illustrating a method of the present invention forinitiating tracking of domain name related reputation at the point ofsale of the domain name.

DETAILED DESCRIPTION AND PREFERRED EMBODIMENT

The present invention will now be discussed in detail with regard to theattached drawing figures which were briefly described above. In thefollowing description, numerous specific details are set forthillustrating the Applicant's best mode for practicing the invention andenabling one of ordinary skill in the art of making and using theinvention. It will be obvious, however, to one skilled in the art thatthe present invention may be practiced without many of these specificdetails. In other instances, well-known machines and method steps havenot been described in particular detail in order to avoid unnecessarilyobscuring the present invention. Unless otherwise indicated, like partsand method steps are referred to with like reference numerals.

For the purposes of this application Registering Entity may include oneor more domain name Registries, and/or one or more domain nameRegistrars, and/or one or more domain name Resellers.

Some embodiments of the present invention utilize the unique position ofa Registering Entity on the Internet. For example, the Registrar hasaccess to the domain name billing information and can determine who thepurchaser of the domain is. The contact information in the domain nameWHOIS records is provided by the registrant and is not always reliable.In this case, the Registrar may rely on the billing information.Further, the registrant may choose private registration and theregistrant's WHOIS records will be hidden to the public. Nevertheless,the Registrar still has access to the registrant's private registrationrecords. Typically, the Registering Entity has access to forwarding,masking, and DNS records of the domain name, thus if reputation valuesare determined for one of the domain names, those reputation values maybe associated with all the domain names connected through forwarding,masking, or DNS records. Further, the Registering Entity may changeWHOIS records; this allows the Registering Entity to save domain namerelated reputation information into the WHOIS records. If theRegistering Entity is a hosting provider for the domain name, theRegistering Entity may save domain name related reputation informationinto the DNS records as well.

The WHOIS data may be maintained by a Registry, a Registrar, and/oranother party. “Thin” Registries store limited amount of informationabout a domain name; typically, it includes: “Domain Name”, “Registrar”,“Whois Server”, “Referral URL”, “Name Server”, “Status”, “Updated Date”,“Creation Date”, “Expiration Date”, etc. “Thick” Registries in additionstore Registrant, Administrative, Technical, and Billing contactinformation. Registrars usually store detail information about thedomain names registered through them. Even though, the WHOIS is publicrecords, many Registries and Registrars limit access to the WHOIS databy automated solutions (e.g. computer programs, scripts, “crawlers,”etc.). This prevents copying substantial parts of the WHOIS database andpotential use of this data for unsolicited email campaigns. Typically,the Registering Entity may avoid such limitations. Additionally, for thedomain names registered through the Registrar, the Registrar has accessto the domain name registrations, renewals, transfers, expirations, etc.in real time.

For the purposes of this application domain name related reputation datamay include one or more values, ratings, or scores per a domain name.The data may further include links or references to the locations(typically on the network) where such values, ratings, or scores may befound.

Referring to FIG. 1, the preferred embodiment of the system of thepresent invention includes a Registering Entity 105, a Domain NamesDatabase 110, a Reputation Database 115, a Presentation Means 120, aSubject 125, and a Requester 130. The Registering Entity 105 may be adomain name Registry, a Registrar of domain names, or a Reseller of aRegistrar. The Registering Entity 105 may be an accredited ICANN(Internet Corporation for Assigned Names and Numbers) Registry orRegistrar. Examples of ICANN-accredited Registrars include Go DaddySoftware, Wild West Domains, etc. The Registering Entity 105 maintainsthe Domain Names Database 110. The Domain Names Database 110 is adatabase containing one or more domain names registered through or withthe Registering Entity 105. The Subject 125 is a person or an entityassociated with one or more domain names registered through theRegistering Entity 105 (link 145).

The Subject 125 may be a client of the Registering Entity 105, apurchaser of products or services provided by the Registering Entity105, a user of the products or services provided by the RegisteringEntity 105 (e.g. email account users), a registrant of one or moredomain names registered through the Registering Entity 105, a person orentity on record with the Registering Entity 105 (e.g. billing records,private registration records, etc.), a person or entity appearing in theWHOIS records for one or more domain names registered through theRegistering Entity 105 or any combination thereof. The system mayinclude one or more Subjects. The system may also include one or moreRegistering Entities; for simplification purposes the system of FIG. 1is described as having one Registering Entity.

The products or services provided by the Registering Entity 105 mayinclude registering a domain name, providing an email service (account),hosting service, issuing a digital certificate, computer software,website designing tools and/or services, reputation tracking service orany combination thereof.

The Reputation Database 115 stores domain name related reputation data.There may be multiple records in the Reputation Database 115 for asingle domain name from the Domain Names Database 110 (link 135). TheReputation Database 115 preferably would be maintained by theRegistering Entity 105, but could be maintained by a third party. TheReputation Database 115 may store reputation records for variouscategories associated with a domain name. Such categories may includeemail practices, website content, privacy policies and practices,fraudulent activities, complaints, an overall reputation or anycombination thereof. The overall reputation may be calculated from otherreputation records using the sum, average, minimum, maximum, or anyother formula. The reputation data may be tracked on a person or anentity, a domain name, a URL associated with the domain name, an emailaddress or any combination thereof.

The Reputation Database 115 may hold data on the amount of spam thatoriginated from a domain name email accounts (per week, per month, peryear, total, etc.), number of complaints (about spam, about phishing,about other fraudulent activities), or website content (illegal drugs,alcohol, tobacco, sex, pornography, nudity, or any other form of adultcontent, profanity, violence, intolerance, hate, racism, militantgroups, extremists, Satanism, witchcraft, gambling, casino, spam, MLM,pyramid schemes, fraud, or any other illegal activity, etc.). The valuesin the reputation data may be numeric ratings or values out of apredetermined set of discrete values. Examples of sets of discretevalues include: Yes-No, Bad-Fair-Good-Excellent, etc.

The reputation values associated with a domain name itself, a domainname registrant (as appearing in WHOIS records), and a domain namepurchaser (a person or entity billed) may differ. For example, thedomain name purchaser may purchase domain names A, B, and C. The domainname registrant may be the same for domain names A and B, and differentfor C. Domain name A may have an “Under Construction” page, domain B maybe used for an adult content website and domain C may be used forsending out spam. Even though the reputation ratings for domain name Aitself would not indicate adult content or spam, the ratings for thepurchaser of the domain name A, may so indicate. Similarly, thereputation ratings of the registrant of the domain name A may indicateadult content, because domain name A has the same registrant as domainname B.

The domain name registrant reputation values may be calculated asminimum, maximum, average, sum, or any other formula from some or alldomain names with the same registrant. Similarly, the domain namepurchaser reputation values may be calculated as minimum, maximum,average, sum, or any other formula from some or all domain namespurchased by the purchaser. In effect the reputation associated with theSubjects (registrants, owners, clients, etc.) may cross multiple domainnames.

The Reputation Database 115 may obtain various reputation data fromother reputation services, such as SENDERBASE.ORG, Bonded SenderProgram, SPAMCOP, “societies” of trusted users, black and whitedomain/IP/email lists, CLOUDMARK, VERISIGN Verified Domains List,TRUSTe, etc. The variety of reputation data may aid in making betterdecisions by the Requester 130.

Besides providing “raw” data in the Reputation Database 115 for theRequester 130 to make decisions, the Registering Entity 105 may providesuggestions or recommendations if a particular domain name, URL, emailaddress, etc. should be trusted.

The Registering Entity 105 may start tracking domain name relatedreputation voluntarily or after a request from the Subject 125. TheRegistering Entity 105 may offer the reputation tracking as anadditional service to the Registering Entity's clients.

The Requester 130 may be a person, an entity, or a technological means,such as a computer software, a website, a web service, etc. The systemmay include one or more Requesters. The data from the ReputationDatabase 115 may be provided to the Requester 130 via the PresentationMeans 120 (links 140 and 150).

The Presentation Means 120 are means for presenting the data and may bemaintained by the Registering Entity 105 and may include DNS records,WHOIS records, a website, a web service, a computer software, anAPI-based solution or protocol, or any combination thereof. For example,the Registering Entity 105 may post some reputation values in the domainname DNS or WHOIS records or post into DNS or WHOIS a URL link to thelocation on the network (e.g. Internet website) where the reputationdata may be found.

In another embodiment of the invention the partners of the RegisteringEntity 105 may have access to the Reputation Database 115. ThePresentation Means 120 in this embodiment may include a system thatperiodically feeds reputation data to the partners. The reputation datamay be in XML (eXtensible Markup Language), character-delimited (e.g.CSV (Comma-Separated Values) or TSV (Tab Separated Values)), fixedlength, or other formats.

The system of the present invention provides a framework, centralizedaround a Registering Entity, for accessing the reputation data. AnyInternet or email user (or automated solutions) may find domain namerelated reputation data through a Registering Entity where the domainname was registered or in domain name WHOIS records as opposed to avariety of disconnected solutions that may exist presently. If a domainname is transferred from one Registering Entity to another, thereputation data may be transferred from one Registering Entity toanother as well.

FIG. 2 depicts a method in accordance with the teachings of the presentinvention for tracking domain name related reputation. A RegisteringEntity may set one or more values in domain name related reputation datato initial values (Step 205). The Registering Entity may change one ormore values in domain name related reputation data (Step 210). Ifcontinuation of keeping track of the domain name related reputation isdesired (Step 215), then Steps 210 and 215 may be repeated (Step 220).

The initial values may be set to null, zero, or any other value. Thevalues may be on various scales, for example from 0 to 100, from 0 toinfinity, or from −100 to 100, where 0 may represent a domain name withno reputation, etc. The Registering Entity may develop a schedule ofpoints to be awarded for various events associated with the domain name.

For example, if the Registering Entity receives a legitimate complaintabout a spam email message originating from a domain name, the emailpractices reputation rating (score, value) of the domain name and theemail address reputation rating may be reduced by one. If the domainname exists for a year with no complaints, the domain name's overallreputation rating may be raised by 10 points. If the Registering Entityvalidates the domain name registrant contact information, the overallreputation rating may be raised by 20 points, etc. Additional points maybe awarded if the domain name is assigned an SSL certificate issued by acertification authority. The rating may be reduced if illegal content ispresent on the domain name website.

If the domain name is transferred from one Registering Entity toanother, if the registrant was changed, if ownership of the domain namewas changed, or if the domain name expires, the ratings may be changed(e.g. reset to their initial values). Changes in the domain nameregistration information (contact or DNS) may trigger a change of thereputation ratings as well. Optionally, the Registering Entity mayprovide historical values of the reputation ratings.

In another embodiment, referring to FIG. 5, domain name relatedreputation may be tracked from the point when the domain name is gettingregistered or renewed (point of sale). A registrant, who intends toregister a domain name, may visit a Registering Entity's website (Step505). The registrant is a person or entity, who registers the domainname; it may not be necessarily a person or entity, which appears in theWHOIS records. A Registering Entity may offer the registrant areputation tracking service (Step 510). The reputation tracking servicemay be free of charge for the registrant or may be a paid service. Ifthe registrant does not want the reputation tracking service, theRegistering Entity will register the domain name (Step 515). If theregistrant opts for the reputation tracking service, the RegisteringEntity will register the domain name (Step 520), may verify theregistrant (Step 525), and then set initial reputation values inreputation data (Step 530).

Verification may include validating information appearing in the WHOISrecords or in the private registration records, as well as validatingregistrant's business records, driver's licenses, or other documents.There may be multiple levels of verification performed. Basic levels mayinclude validating some of the contact information appearing in theWHOIS record or in the private registration records. Advanced levels mayinclude verification of a variety of registrant's documents. Moreextensive and comprehensive verification levels may result in higherreputation values (assuming the verification was successful).

In yet another embodiment, if the registrant does not opt for thereputation tracking service, the Registering Entity may still createreputation data for the domain name and populate it with some defaultvalues.

FIG. 3 illustrates a method for accessing domain name related reputationdata after a Requester receives an email message. The method includesthe following steps. A Requester receives an email message (Step 305).The Requester identifies a domain name (Step 310). The Requesterdetermines a Registering Entity of the domain name (Step 315). TheRequester determines the location of domain name related reputation data(Step 320). The Requester accesses the domain name related reputationdata (Step 325). Based on the domain name related reputation data theRequester decides (determines) whether to allow or dismiss the emailmessage (Step 330). Depending on that decision the Requester eitherallows the email message (Step 335) or dismisses it (Step 340).

Preferably, the Requester is computer software running in conjunctionwith an email server or a client email program. In Step 310 theRequester may identify a domain name from an email address of a sender.Additional steps may be taken to ensure that the email address of thesender was not forged (spoofed). If the Registering Entity in Step 315is a Registrar, then the Registrar may be determined from the Registry'sWHOIS records. Referring to Step 320, the location of the domain namerelated reputation data may be, inter alia, a database, a website, a webservice, WHOIS records, DNS records, etc. The location of the domainname related reputation data may be a predetermined location (e.g.http://reputation.godaddy.com) or may be provided by a link orreference. The link or reference to the location may be, inter alia, aURL link, a DNS address, an IP address, a computer port or anycombination thereof. For example, a URL link to the website where thereputation data is located may be specified in the WHOIS records. If thelocation of the domain name related reputation data is specified in theRegistry's WHOIS records, then Step 315 (determining the RegisteringEntity) may be omitted. Step 320 (determining the location of reputationdata) may include the following sub-steps: determine a location of theRegistrar's WHOIS data from the Registry's WHOIS (e.g.whois.godaddy.com) and then obtain a URL to the domain name relatedreputation data from the Registrar's WHOIS.

The Requester decides (determines) whether the values in the domain namerelated reputation data are appropriate to allow the email message. Thedomain name related reputation data may have multiple values (ratings);it is likely that the rating(s) for email practices will be consideredby the Requester. If the Requester decides to allow the email message,it may be placed into the user's Inbox. If the email message is notallowed, it may be deleted or placed in a special quarantine mailbox(e.g. “Spam”, “Junk mail,” “Bulk mail,” etc.). Additionally, links tothe webpages in the email message may be checked for their domain namerelated reputation and this information may be used in the decision ofwhether to allow the email message.

Similarly, the Requester may use domain name related reputation todetermine if the Requester should visit a URL link. Referring to FIG. 4,a Requester intends to visit a URL (Step 405). The Requester identifiesa domain name from the URL (Step 410). The Requester determines aRegistering Entity of the domain name (Step 415). The Requesterdetermines the location of domain name related reputation data (Step420). The Requester accesses the domain name related reputation data(Step 425). Based on the domain name related reputation data theRequester decides (determines) whether the Requester should visit theURL (Step 430). If the Requester decides to visit the URL, it may do so(Step 435).

In this method the Requester may be computer software working inconjunction with an Internet browser. If the domain name and/or the URLhave a low reputation, the webpage located at the URL may be blocked.Alternatively, the computer software may give the user a warning thatthe domain name and/or the URL have a low reputation. The user may thendecide whether to visit the URL.

Each URL may have its own reputation rating. This is especially feasiblewhen multiple parties are responsible for the content of a websiteassociated with the domain name.

The Registering Entity or another party may publish domain name relatedreputation data in the DNS or WHOIS records. The reputation values(ratings, scores) or one or more URL links, where the reputation valuescan be found, may be published in the DNS or WHOIS records. The partythat tries to access domain name related reputation data may obtain it,inter alia, from a predetermined URL on the Internet or from the DNS orWHOIS records. One embodiment of the method for publishing the domainname related reputation in the WHOIS records includes the followingsteps. The Registering Entity collects domain name related informationand forms domain name related reputation data. Then, the RegisteringEntity stores the domain name related reputation data in the WHOISrecords.

The domain name related reputation may also be used for presentingsearch engines results. Typically, the search engines results presentedto the network users (or automated solutions) are based on theirrelevance (e.g. how often search terms are found on a webpage), datelast updated, number of links to that webpage, etc. In the method of thepresent invention the network search engines may use reputation ratingsas one of the parameters to be considered for sorting or ordering searchresults. Alternatively, links to the domain names with a low reputationmay be excluded from the search results. The preferred embodiment of themethod for presenting search engine results based on the domain namerelated reputation includes the following steps. An Inquirer posts asearch query to a search engine. The search engine forms search engineresults based, at least in part, on the domain name related reputationand returns the results to the Inquirer. The Inquirer may be a networkuser or an automated service querying the search engine. Search engineresults may include links to websites, webpages, or documents on thenetworks. The networks may include the Internet.

Alternatively or additionally, reputation ratings (scores, values) maybe shown next to (or in conjunction with) the links in the search engineresults. Thus, allowing the network user to determine whether to visitthe link or not. Further, the search engines may use domain name relatedreputation from various databases and sources, including thosemaintained by the Registering Entities.

The search engine may store reputation data with the links to thenetwork documents and webpages. This may speed up the process ofreturning the search engine results to the Inquirer.

Other embodiments and uses of this invention will be apparent to thosehaving ordinary skill in the art upon consideration of the specificationand practice of the invention disclosed herein. The specification andexamples given should be considered exemplary only, and it iscontemplated that the appended claims will cover any other suchembodiments or modifications as fall within the true scope of theinvention.

The Abstract accompanying this specification is provided to enable theUnited States Patent and Trademark Office and the public generally todetermine quickly from a cursory inspection the nature and gist of thetechnical disclosure and in no way intended for defining, determining,or limiting the present invention or any of its embodiments.

1. A system for tracking domain name related reputation, comprising: a)a Domain Names Database for storing a Plurality of Domain Namesregistered through a Registering Entity, wherein said Domain NamesDatabase is maintained by said Registering Entity, and b) a ReputationDatabase for storing a domain name related reputation data for one ormore domain names out of said Plurality of Domain Names registeredthrough said Registering Entity, wherein said Reputation Database isaccessible via a computer network by a Plurality of Requesters.
 2. Thesystem of claim 1, wherein said Registering Entity is a domain nameRegistry.
 3. The system of claim 1, wherein said Registering Entity is adomain name Registrar.
 4. The system of claim 1, wherein saidRegistering Entity is a Reseller of a domain name Registrar.
 5. Thesystem of claim 1, wherein said data comprises a numeric rating orscore, representing domain name related reputation.
 6. The system ofclaim 1, wherein said data comprises a value out of one or morepredetermined sets of discrete values, representing domain name relatedreputation.
 7. The system of claim 1, wherein said data comprises a linkor a reference to a location of an additional reputation data.
 8. Thesystem of claim 1, wherein said data comprises one or more records for adomain name itself.
 9. The system of claim 1, wherein said datacomprises one or more records for a URL associated with a domain name.10. The system of claim 1, wherein said data comprises one or morerecords for a person associated with a domain name.
 11. The system ofclaim 1, wherein said data comprises one or more records for an entityassociated with a domain name.
 12. The system of claim 1, wherein saiddata comprises one or more records for an email address associated witha domain name.
 13. The system of claim 1, wherein said data comprisesone or more records associated with email practices.
 14. The system ofclaim 1, wherein said data comprises one or more records associated withwebsite content.
 15. The system of claim 1, wherein said data comprisesone or more records associated with privacy policies and practices. 16.The system of claim 1, wherein said data comprises one or more recordsassociated with fraudulent activities.
 17. The system of claim 1,wherein said data comprises one or more records associated with domainname related complaints.
 18. The system of claim 1, wherein said datacomprises one or more records associated with domain name overallreputation.
 19. The system of claim 1, wherein said data comprises oneor more records indicating if a domain name can be trusted.
 20. Thesystem of claim 1, wherein said Reputation Database, at least in part,is maintained by said Registering Entity.